Security Advisories

Nuvoton Technologies strives to ensure the security of our customers computing environments. We are committed to providing prompt notification and remediation of any security vulnerabilities as they arise.

ID Advisory Title Impacted Products Publish Date Last Updated CVE Identifier Severity

SA-003

Denial of Service via Out-of-Bounds write to Trusted Platform Module (TPM)

NPCT65x with Firmware versions 1.3.0.1, 1.3.1.0 & 1.3.2.8

2023/3/3

2023/3/3

CVE-2023-1017

Medium

SA-002

Potential Extraction of an Elliptic Curve Cryptography (ECC) private key via a side-channel attack

NPCT75x with Firmware versions 7.2.0.1, 7.2.0.2 and 7.2.1.0

2021/08/10

2024/01/29

CVE-2020-25082

Medium

SA-001

Unauthorized Access to Non-Volatile Memory

NPCT75x TPM1.2 with Firmware version 7.4.0.0

2021/06/08

2021/06/08

CVE-2021-32015

Medium

 

To report a security vulnerability with a Nuvoton product, please click on this link.